CVE-2022-0319

Published: Jan 21, 2022Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Out-of-bounds Read in vim/vim prior to 8.2.

Affected (4)

Products: Vim: Vim · Debian: Debian Linux · Apple: Macos

1 product

1 product

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Vim Vim	Before 8.2.4154

Running on/with	Platform Versions
Canonical Ubuntu Linux	Version 20.04

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 9.0

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Apple Macos	Before 13.0

Related CWEs

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

References (20)

http://seclists.org/fulldisclosure/2022/Oct/28

Source: security@huntr.dev

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2022/Oct/41

Source: security@huntr.dev

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2022/Oct/43

Source: security@huntr.dev

Mailing ListThird Party Advisory

https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9

Source: security@huntr.dev

PatchThird Party Advisory

https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b

Source: security@huntr.dev

ExploitPatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html

Source: security@huntr.dev

MitigationThird Party Advisory

https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html

Source: security@huntr.dev

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/202208-32

Source: security@huntr.dev

Third Party Advisory

https://support.apple.com/kb/HT213444

Source: security@huntr.dev

Third Party Advisory

https://support.apple.com/kb/HT213488

Source: security@huntr.dev

Third Party Advisory

http://seclists.org/fulldisclosure/2022/Oct/28

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2022/Oct/41

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2022/Oct/43

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationThird Party Advisory

https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/202208-32

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://support.apple.com/kb/HT213444

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://support.apple.com/kb/HT213488

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.